On Jun 5, 2017 1:13 PM, "Thiago Macieira" <thiago.macieira at intel.com> wrote:
See https://www.iotivity.org/downloads/iotivity-1.3.0 https://wiki.iotivity.org/release_note_1.3.0 ... Security advisories Since release 1.3.0, IoTivity no longer includes any cryptographic code, with the previously-bundled TinyDTLS code removed. It does depend on a third-party cryptographic library, called mbedTLS <https://github.com/ARMmbed/mbedtls/>, which is not shipped with IoTivity and must be installed separately during the build process. just took a quick look at the release notes, https://wiki.iotivity.org/release_note_1.3.0, which indicate, under "How to Apply mbedtls 2.4.2 version", that we are to apply a patch to mbedtls. if that's the case, why not just include the patched code? to me that means that iotivity does in fact include cryptographic code. gregg -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20170607/6ecca110/attachment.html>
